Looking for code examples to Set and Get assuming one has the Security Name, Auth and Private session keys.
Do you have seen the org.snmp4j package JavaDoc already?
https://snmp4j.org/doc/org/snmp4j/package-summary.html
What is missing to build a SNMPv3 GET example from that is the USM configuration. This can be taken from here by removing the second USM instance and configuring only one:
https://doc.snmp.app/pages/viewpage.action?pageId=1441800
Nevertheless, I will post a complete example later here…
Thank you, I will be patiently waiting for your complete examples. I’ll review the examples you provided.
Hi Maurice,
A fully featured example is included in the SNMP4J code base as org.snmp4j.tools.console.SnmpCommand class.
I know that your looking for something shorter. I will provide a short sample code soon (within 24h), but I have finish some other tasks first.
Best regards,
Frank
Thank you!! Any additional source will help!
Maurice
I have added a GETNEXT SNMPv3 code sample in the SNMP4J FAQ at:
https://doc.snmp.app/pages/viewpage.action?pageId=42369028
It shows, that it is not necessary (and not recommended) to create a SNMP4J instance and/or a USM per send PDU. The opposite is true! Please reuse USM, SNMP4J, and MPv3 and the TransportMapping you use, because their creation costs much more CPU cycles than sending a PDU.
Very expensive (in relation) is creating an UsmUser (i.e. localising the passphrase). This should be done only once per session (not per PDU).
Hope this helps.
1 Like
It appears from the log, it is sourcing from my IPv4 address and not the IPv6 address
Thoughts?
2019-07-08 16:15:55.040 main DEBUG Initialized Salt to fa7a2a9058a52dbc.
2019-07-08 16:15:55.088 DefaultUDPTransportMapping_10.166.40.139/53628 DEBUG UDP receive buffer size for socket 10.166.40.139/0 is set to: 65536
2019-07-08 16:15:55.090 DefaultUDPTransportMapping_10.166.40.139/53628 INFO Listening on socket 10.166.40.139/53628
2019-07-08 16:15:55.126 main DEBUG Adding user docsisManager = UsmUser[secName=docsisManager,authProtocol=1.3.6.1.6.3.10.1.1.5,authPassphrase=40816FF828BF22706590A2A36B821621,privProtocol=1.3.6.1.6.3.10.1.2.4,privPassphrase=1869B0962D95E42595E93A5BF96C6325,localizationEngineID=null]
2019-07-08 16:15:55.152 main DEBUG RFC3414 §3.1.4.b Outgoing message is not encrypted
2019-07-08 16:15:55.178 main DEBUG Adding cache entry: StateReference[msgID=421504317,pduHandle=PduHandle[752150146],securityEngineID=,securityModel=org.snmp4j.security.USM@22f71333,securityName=docsisManager,securityLevel=1,contextEngineID=,contextName=,retryMsgIDs=null]
2019-07-08 16:15:55.200 main DEBUG Running pending async request with handle PduHandle[752150146] and retry count left 1
2019-07-08 16:15:55.220 main DEBUG Sending message to 2001:558:4082:4e:225:f1ff:fe86:12fe/161 from 10.166.40.139/53628 with length 61: 30:3b:02:01:03:30:11:02:04:19:1f:a5:3d:02:03:00:ff:ff:04:01:04:02:01:03:04:10:30:0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a1:0b:02:01:00:02:01:00:02:01:00:30:00
2019-07-08 16:15:55.222 main DEBUG Sending packet to 2001:558:4082:4e:225:f1ff:fe86:12fe/161
java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
org.snmp4j.MessageException: Cannot assign requested address: Datagram send failed
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:543)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
Caused by: java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)
… 6 more
Trying to figure this out:
Not sure why there a default IPv4 mapping? Am I missing something?
I am using a dual stack, but not sure why I am getting this error.
thoughts?
2019-07-08 16:15:55.040 main DEBUG Initialized Salt to fa7a2a9058a52dbc.
2019-07-08 16:15:55.088 DefaultUDPTransportMapping_10.166.40.139/53628 DEBUG UDP receive buffer size for socket 10.166.40.139/0 is set to: 65536
2019-07-08 16:15:55.090 DefaultUDPTransportMapping_10.166.40.139/53628 INFO Listening on socket 10.166.40.139/53628
2019-07-08 16:15:55.126 main DEBUG Adding user docsisManager = UsmUser[secName=xxxxxx,authProtocol=1.3.6.1.6.3.10.1.1.5,authPassphrase=xxxxxxx ,privProtocol=1.3.6.1.6.3.10.1.2.4,privPassphrase=xxxxxx,localizationEngineID=null]
2019-07-08 16:15:55.152 main DEBUG RFC3414 §3.1.4.b Outgoing message is not encrypted
2019-07-08 16:15:55.178 main DEBUG Adding cache entry: StateReference[msgID=421504317,pduHandle=PduHandle[752150146],securityEngineID=,securityModel=org.snmp4j.security.USM@22f71333,securityName=xxxxx,securityLevel=1,contextEngineID=,contextName=,retryMsgIDs=null]
2019-07-08 16:15:55.200 main DEBUG Running pending async request with handle PduHandle[752150146] and retry count left 1
2019-07-08 16:15:55.220 main DEBUG Sending message to 2001:558:4082:4e:225:f1ff:fe86:12fe/161 from 10.166.40.139/53628 with length 61: 30:3b:02:01:03:30:11:02:04:19:1f:a5:3d:02:03:00:ff:ff:04:01:04:02:01:03:04:10:30:0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a1:0b:02:01:00:02:01:00:02:01:00:30:00
2019-07-08 16:15:55.222 main DEBUG Sending packet to 2001:558:4082:4e:225:f1ff:fe86:12fe/161
java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
org.snmp4j.MessageException: Cannot assign requested address: Datagram send failed
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:543)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
Caused by: java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)
Please read this article from Oracle on this subject:
https://docs.oracle.com/javase/7/docs/technotes/guides/net/ipv6_guide/index.html
By default DefaultUdpTransportMapping binds the any local address using 0.0.0.0/0. If the dual stack setup on your system does not work properly, you may bind to a IPv6 local address directly to workaround this exception.
Does SNMP Set works on SNMP4j Version - 1.11.3??
Yes, sure.
But why do you want to use such an old version of SNMP4J?
SNMP4J 1.x is about ten years old and no longer supported! I discourage anyone from using such an old version.
Latest version is 3.3.3.
Can you also provide an example code to send Get/Getbulk request to an agent with v3 protocol? That would be of great help in understanding.
Regards,
Nihal
For a SNMPv3 GETNEXT example see:
https://www.snmp4j.org
Simply change the PDU type in the following line and you get a GET or GETBULK example too:
PDU pdu = targetBuilder.pdu().type(PDU.GETNEXT).oids(oids).contextName(contextName).build();
For GETBULK you might need to modify the maxRepetitions and nonRepeaters values as well.
Hi Frank,
Thanks for your quick response. I did try the above suggestion for sending a get bulk request. But it ended up giving an exception which said “Message processing model 3 returned error: Unsupported security level”.
I did try to add the auth and priv protocols to the SecurityProtocol instance as below, but that too didn’t help. Please let me know if I am missing something here.
SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthMD5());
SecurityProtocols.getInstance().addPrivacyProtocol(new PrivDES());
SecurityProtocols.getInstance().addDefaultProtocols();
Below is the stack-trace:
java.util.concurrent.ExecutionException: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:52)
at manager.UsmGetNext.main(UsmGetNext.java:85)
Caused by: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:625)
at org.snmp4j.util.MultiThreadedMessageDispatcher.sendPdu(MultiThreadedMessageDispatcher.java:164)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1074)
at org.snmp4j.Snmp.send(Snmp.java:1044)
at org.snmp4j.Snmp.send(Snmp.java:1031)
at org.snmp4j.fluent.SnmpCompletableFuture.send(SnmpCompletableFuture.java:100)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:50)
… 1 more
Message processing model 3 returned error: Unsupported security level
Code:
public void nextFluent(String address, String contextName, String securityName, String authPassphrase,
String privPassphrase, String... oids) throws IOException {
SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthMD5());
SecurityProtocols.getInstance().addPrivacyProtocol(new PrivDES());
SecurityProtocols.getInstance().addDefaultProtocols();
SnmpBuilder snmpBuilder = new SnmpBuilder();
Snmp snmp = snmpBuilder.udp().v3().usm().threads(5).build();
snmp.listen();
Address targetAddress = GenericAddress.parse(address);
byte[] targetEngineID = snmp.discoverAuthoritativeEngineID(targetAddress, 1000);
System.out.println(targetEngineID);
if (targetEngineID != null) {
TargetBuilder<?> targetBuilder = snmpBuilder.target(targetAddress);
Target<?> userTarget = targetBuilder.v3().user(securityName, targetEngineID).auth(TargetBuilder.AuthProtocol.md5)
.authPassphrase(authPassphrase).priv(TargetBuilder.PrivProtocol.des).privPassphrase(privPassphrase)
.done().timeout(500).retries(1).build();
userTarget.setSecurityLevel(SecurityLevel.AUTH_PRIV);;
// PDU pdu = new ScopedPDU();
// ScopedPDU customPDU = new ScopedPDU();
// //customPDU.setContextName(new OctetString(""));
// pdu=customPDU;
// pdu.add(new VariableBinding(new OID("1.3.6.1.4.1")));
// pdu.setType(PDU.GETBULK);
PDU pdu = targetBuilder.pdu().type(PDU.GETNEXT).oids(oids).contextName("").build();
SnmpCompletableFuture snmpRequestFuture = SnmpCompletableFuture.send(snmp, userTarget, pdu);
try {
List<VariableBinding> vbs = snmpRequestFuture.get().getAll();
System.out.println("Received: " + snmpRequestFuture.getResponseEvent().getResponse());
System.out.println("Payload: " + vbs);
} catch (ExecutionException | InterruptedException ex) {
ex.printStackTrace();
if (ex.getCause() != null) {
System.err.println(ex.getCause().getMessage());
} else {
System.err.println("Request failed: " + ex.getMessage());
}
}
} else {
System.err.println("Timeout on engine ID discovery for " + targetAddress + ", GETNEXT not sent.");
}
snmp.close();
}
MD5 is not secure anymore and therefore not supported by default.
Okay. I tried to give Sha as auth protocol. But still, the issue persists. It says the security level (which is “AuthPriv”), in my case, is invalid.
TargetBuilder<?> targetBuilder = snmpBuilder.target(targetAddress);
Target<?> userTarget = targetBuilder.v3().user(securityName, targetEngineID).auth(TargetBuilder.AuthProtocol.sha1)
.authPassphrase(authPassphrase).priv(TargetBuilder.PrivProtocol.des).privPassphrase(privPassphrase)
.done().timeout(500).retries(1).build();
Error:
java.util.concurrent.ExecutionException: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:54)
at manager.UsmGetNext.main(UsmGetNext.java:87)
Caused by: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:625)
at org.snmp4j.util.MultiThreadedMessageDispatcher.sendPdu(MultiThreadedMessageDispatcher.java:164)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1074)
at org.snmp4j.Snmp.send(Snmp.java:1044)
at org.snmp4j.Snmp.send(Snmp.java:1031)
at org.snmp4j.fluent.SnmpCompletableFuture.send(SnmpCompletableFuture.java:100)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:52)
… 1 more
Message processing model 3 returned error: Unsupported security level
SHA1 is deprecated too. You can still use it, but you have to explicitly register it.
Thanks for the support. I was able to enable it using the below line
SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthMD5());